Let customers toggle between inclusive and exclusive VAT pricing in your WooCommerce store.
Category Scores
Issues to Review
Prioritized issue groups from the latest Plugin Check scan
Security
24
6 issue groups
Maintainability
21
6 issue groups
I18n
2
2 issue groups
WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.14
- Category
- Security
- Occurrences
- 14
- Severity
- warning
Sample message
Processing form data without nonce verification.
ERRORMaintainabilitywp function not compatible with requires wpFunction "did_filter()" requires WordPress 6.1.0, but your plugin minimum supported version is WordPress 5.0.0.9
- Category
- Maintainability
- Occurrences
- 9
- Severity
- error
Sample message
Function "did_filter()" requires WordPress 6.1.0, but your plugin minimum supported version is WordPress 5.0.0.
WARNINGMaintainabilityNon-prefixed hook nameHook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "pewc_field_formatted_price".5
- Category
- Maintainability
- Occurrences
- 5
- Severity
- warning
Sample message
Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "pewc_field_formatted_price".
WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.3
- Category
- Security
- Occurrences
- 3
- Severity
- warning
Sample message
Processing form data without nonce verification.
WARNINGMaintainabilityNot In FooterIn footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.3
- Category
- Maintainability
- Occurrences
- 3
- Severity
- warning
Sample message
In footer ($in_footer) is not set explicitly wp_enqueue_script; It is recommended to load scripts in the footer. Please set this value to `true` to load it in the footer, or explicitly `false` if it should be loaded in the header.
WARNINGMaintainabilityMixed line endingsFile has mixed line endings; this may cause incorrect results2
- Category
- Maintainability
- Occurrences
- 2
- Severity
- warning
Sample message
File has mixed line endings; this may cause incorrect results
ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<li><a href='$url' class='$class'>$text</a> $separator </li>"'.2
- Category
- Security
- Occurrences
- 2
- Severity
- error
Sample message
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '"<li><a href='$url' class='$class'>$text</a> $separator </li>"'.
WARNINGSecurityInput is not sanitizedDetected usage of a non-sanitized input variable: $_POST['attributes']2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
Detected usage of a non-sanitized input variable: $_POST['attributes']
WARNINGSecurityRequest data is not unslashed$_GET['section'] not unslashed before sanitization. Use wp_unslash() or similar2
- Category
- Security
- Occurrences
- 2
- Severity
- warning
Sample message
$_GET['section'] not unslashed before sanitization. Use wp_unslash() or similar
WARNINGMaintainabilityNon-prefixed global variableGlobal variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$hide_save_button".1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- warning
Sample message
Global variables defined by a theme/plugin should start with the theme/plugin prefix. Found: "$hide_save_button".
Show 4 moreShow less
ERRORSecurityUnsafe printing function1
- Category
- Security
- Occurrences
- 1
- Severity
- error
Sample message
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
ERRORMaintainabilityparse url parse url1
- Category
- Maintainability
- Occurrences
- 1
- Severity
- error
Sample message
parse_url() is discouraged because of inconsistency in the output across PHP versions; use wp_parse_url() instead.
ERRORI18nMissing Arg Domain1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
Missing $domain parameter in function call to __().
ERRORI18nNon Singular String Literal Text1
- Category
- I18n
- Occurrences
- 1
- Severity
- error
Sample message
The $text parameter must be a single text string literal. Found: $attributes[ $label_key ]
External Connections
Potential connections found in static code analysis.
Outbound calls
34
External assets
0
Incoming endpoints
0
Notable Domains
Platform / Reference Domains
External Asset Domains
No external asset domains detected.
Incoming Endpoints
No public endpoints detected.
Score History
First score snapshot
v1.6.13
54
Latest
- Findings
- 47
- Errors
- 15
- Warnings
- 32
- Check
- 2.0.0
| Scan | Score | Findings | Errors | Warnings | Plugin | Check |
|---|---|---|---|---|---|---|
| Latest | 54 | 47 | 15 | 32 | v1.6.13 | 2.0.0 |
Relationship Map
Author, categories, issues, domains, and nearby plugins.
Relationship links
Issue
Domain
Related
Issue
Domain
Related
Related Plugins
1k+ active installs
2k+ active installs
40k+ active installs
3k+ active installs
2k+ active installs
7k+ active installs